Memory corruption errors in C/C++ programs remain the most common source of security
vulnerabilities in today's systems. Control-flow hijacking attacks exploit memory corruption …

Virtualization technology enables Cloud providers to efficiently use their computing services
and resources. Even if the benefits in terms of performance, maintenance, and cost are …

As control-flow hijacking defenses gain adoption, it is important to understand the remaining
capabilities of adversaries via memory exploits. Non-control data exploits are used to mount …

Control-Flow Bending: On the Effectiveness of Control-Flow Integrity Page 1 Open access to
the Proceedings of the 24th USENIX Security Symposium is sponsored by USENIX Control-Flow …

Return-oriented programming (ROP) offers a robust attack technique that has, not
surprisingly, been extensively used to exploit bugs in modern software programs (eg, web …

Current Control-Flow Integrity (CFI) implementations track control edges individually,
insensitive to the context of preceding edges. Recent work demonstrates that this leaves …

TrustZone-based Real-time Kernel Protection (TZ-RKP) is a novel system that provides real-
time protection of the OS kernel using the ARM TrustZone secure world. TZ-RKP is more …

As defense solutions against control-flow hijacking attacks gain wide deployment, control-
oriented exploits from memory errors become difficult. As an alternative, attacks targeting …

Memory corruption vulnerabilities are the root cause of many modern attacks. Existing
defense mechanisms are inadequate; in general, the software-based approaches are not …

The operation system kernel is the foundation of the whole system and is often the de facto
trusted computing base for many higher level security mechanisms. Unfortunately, kernel …